Monthly Archives: October 2019

DivX Pro for Mac free again (for some odd reason)

Posted on 09/10/2019 by

As if to beg on its knees "dear Jebus, please make Mac users care about DivX!" the company is once again offering its DivX Pro software for free in exchange for your e-mail address. For those who don't know (and we honestly don't blame you), DivX is an alternative video codec primarily used in pirated video files and some DVD players from the likes of JVC, LG, Samsung, and Sony. Now, before you start slamming my slam, do note: I said primarily, not only. That said, historians have so far been unable to decipher why a portion of computer users felt that we needed Yet Another Video Codec™, though current theories suggest that some people simply have fun endlessly installing pieces of extra software. 苏州美甲

But seriously, we know that there are some of you who apparently enjoy DivX. In addition to the free DivX standalone player and DivX Community Codec which allows QuickTime (and any QuickTime-based applications like Front Row and I think even iTunes) to play DivX files, the DivX Pro package includes two key components that normally cost $19.99. The first is a DivX Converter application that can handle batch conversion to the DivX format, with a clever feature of generating HTML code for easy embedding on the web. The second component is the DivX Pro Codec itself for creating DivX files from QuickTime-compatible apps like iMovie, Final Cut Pro, Adobe Premiere, and After Effects.

Ultimately, giving up your e-mail (which remains private; I jumped on this deal last time) for $20 worth of software is a good trade, but it's only offered for a limited time (with no actual word on when that limit is up). If you need to create DivX files for one reason or another, ye best be actin' sooner as opposed to later laddy.

DNS poisoning used to redirect unwitting surfers

Posted on 09/10/2019 by

In the never-ending war between security researchers and malware authors, each side continually attempts to outmaneuver or out-engineer the other. The latest security threat to hit the white hat radar involves a new form of system-level DNS hijacking. DNS hijacking, in and of itself, is nothing new, but it's now apparently possible to reliably initiate such attacks using web-based malware, rather than relying on an end-user to download or activate a suspicious attachment. 苏州美甲

According to a recent report by PCWorld, research teams working out of Google and the Georgia Institute of Technology have discovered a series of open-recursive DNS servers that were classified as behaving "suspiciously." Open-recursive DNS servers are DNS servers that will answer any lookup request, no matter where it originates. So long as the DNS servers return accurate information—and the vast, vast, majority do—everything is kosher. When open DNS servers don't return valid information, however, they open the door to an entire world of problems.

Poisoning a DNS server allows the malware author to send your computer virtually anywhere he wants. Since your system is being driven to false web sites based on DNS information, there's no way for any malware suite running locally to detect or report on the problem—at least, not once the damage has been done. There are still limitations on what can be done; a false web site set up to look like PNCBank (for example) wouldn't be able to authenticate with the SSL certificate stored on a users' system. Password and logon information could still be gathered in other ways, however, and some users would undoubtedly ignore warning signs by trusting the web address telling them they really were at (

This method of poisoning would also allow for cross-site scripting exploits. If a user's computer is set to allow all JavaScript and cookies from, say, MySpace, the fake MySpace web site would be able to run code as if it was the real web site. This opens the door to all sorts of further exploits and general bad things, all of which might go undetected by the user for quite some time. This type of attack could also be used to build an effective botnet—and more botnets are something we really don't need.

Web 2.0 can act as something of an enabler in this process. Webpage mashups may be a hot marketing term, but pulling content from multiple web sites simultaneously is also one means of infecting the people that visit a site without them knowing what vector the attack initiated from. Fortunately, there are already some solutions to this particular problem.

Vista's UAC would actually defend a system from this type of attack by notifying the user that a program was attempting to change the system's DNS settings. I'm not sure if current malware software from various vendors would detect and prevent DNS-level hijacking, but again, such protection and notification could be implemented on a software level. The availability of user-level protection is by no means a complete solution to the problem; software companies cannot assume that all users avail themselves of the appropriate level of malware software or install the appropriate patches, but it is a place to start.

DisplayLink demonstrates new wireless USB display

Posted on 09/10/2019 by

DisplayLink announced today that it has partnered with Alereon to deliver wireless USB displays. DisplayLink specializes in using USB2 as an efficient means for hooking multiple displays to the same computer without requiring an investment in multiple video cards. Releasing a wireless USB monitor is quite a step for DisplayLink—the company's wired USB2 display technology was released less than a year ago—and it may prove more popular than the company's current system, which requires either a DirectLink-enabled monitor (at a price premium) or an RGB-USB2/DVI-USB2 adapter that apparently sells for around $90. 苏州美甲

According to DisplayLink, there will be no performance penalty for using a wireless monitor, and displays will function at resolutions of up to 1680×1050 at 16.7 million colors. The actual wireless USB chip is produced by Alereon—that's where the partnership comes in—but both companies seem confident that they can deliver a high-quality visual experience without noticeable tear or artifacts. DisplayLink's products aren't suitable for gaming or other functions that depend on split-second reaction times, but the company claims that DVD playback is flawless, even over its new wireless USB2 technology.

By all accounts, DisplayLink's current wired USB2 technology works quite well at resolutions of up to 1600×1200, and a wireless solution could definitely increase the concept's attractiveness, particularly in system deployments where space is at a premium. DisplayLink hasn't stated how, exactly, monitors will interface with its wireless system. Ideally, the company could offer a small transmitter/receiver unit that plugs into a monitor's DVI cable, with a similar device hooked into the back of the computer. If that's not possible, end users will have to pony up for a display that specifically incorporates the DisplayLink/Alereon wireless technology at a price premium.

GAO blasts government “planning” for digital TV transition

Posted on 09/10/2019 by

The Government Accountability Office has just released a report to Congress (PDF) slamming the efforts of the FCC and the NTIA to alert consumers about the upcoming transition to digital television. The report finds that, despite plenty of work done by various agencies and private organizations, "no comprehensive plan exists" to manage the entire transition. 苏州美甲

If it's difficult to explain the February 2009 digital TV transition to consumers, it's doubly difficult when hundreds of different groups are involved. The GAO points out that over 160 "business, trade, grassroots, and other organizations" are involved with the Digital Television Transition Coalition. The group, which is trying to get the word out so that angry seniors don't beat down their doors, also needs to coordinate with the two government agencies involved with the transition.

And that level of coordination demands a Plan, a Plan complete with milestones, key goals, and risk mitigation scenarios. In other words, a long and boring document. But as FCC Chairman Kevin Martin admitted in an interview with GAO auditors, the FCC has no such formal plan. Instead, said Martin, "the various orders contained in the FCC dockets amount to a plan."

Yes, I am. But is the government?

The GAO disagrees. And without an overarching plan,the GAO worries that government and private industry will run into coordination problems. "Complicating matters is uncertainty regarding retailer participation and readiness and potential challenges related to inventory planning," says the report. "With limited or delayed retailer participation, consumers might face difficulties in redeeming their coupons for eligible converter boxes during the designated time period." And if the converter box program turns into a debacle, things could get ugly.

Now, the FCC and the NTIA have all done plenty of work; the FCC has even launched an ugly but functional web site (complete with Netscape favicon) for consumers. Private industry, too, has agreed to spend millions promoting the transition, with the Consumer Electronics Association, the National Association of Broadcasters, and the National Cable & Telecommunications Association all chipping in.

But the GAO wants coordination and milestones, and its report issues guidance for how to get such a Plan together. The official responses to this advice have been interesting. Kevin Martin sent a letter to the GAO complaining about the report's approach and conclusions, but didn't bother to indicate why. Instead, he spent most of the letter complaining that the GAO would not include a lengthy FCC document in the report (the GAO has put it up online).

The Department of Commerce, which runs the NTIA, acknowledged that simply relying on voluntary industry participation for such a crucial campaign had certain risks, but Commerce was not at all convinced that establishing a "digital transition czar" was the right answer. The GAO drily notes that "we did not recommend establishing a digital transition czar" and that Commerce offered no comment on the actual recommendations made.

So, with the government agencies apparently unwilling to address the actual recommendations made by the GAO, it doesn't look like a full-fledged Plan will be forthcoming. Let's hope the transition goes smoothly without one. If not, you stock up on the pitchforks, I'll collect the torches, and we'll meet at the FCC on a cold day in 2009 when the glow from our TVs turns to static. (Note: I have an ATSC-ready TV, so I won't actually be there. But I'll be thinking of you! Stay warm!)

.Mac’s latest trick: Taking Apple’s #2 retail sales spot

Posted on 09/10/2019 by

Though the debates around .Mac's usefulness, reliability, and shortcomings show no sign of cooling, analyst firm NPD Group says that the service is now Apple's second-best seller in retail stores (it has even ranked with AppleCare at number 6 in the online store). Considering that the boxed version of .Mac contains not much more than a license code on a slip of paper, this Software-as-a-Service (SaaS) development is impressing the tech web. 苏州美甲

As Computerworld points out, NPD Group says software sales (both on and offline) are (surprisingly) up by 10 percent this year, despite a decided lack of shelf space at major retailers like Best Buy and Circuit City. Packages like security software, Adobe CS3, and Office 2007 (which, by itself, apparently counts for one out of every six dollars spent on software this year) are all to thank for the upswing in sales. An exploration of a forthcoming surge in SaaS offerings could lead to more software sales success—even if the physical boxes are full of air. AdventNet, for example, is gearing up to start selling $50 boxes of one-year subscriptions to its Zoho online office suite, which ironically beat competitor Google Docs to working offline with Google's own Google Gears Firefox plug-in.

Apple is, in part, credited with the smarts to "go retro" some time ago with its efforts to sell SaaS in a physical box when software was going online and downloadable. Offering .Mac in a box gives customers something physical to wrap both their hands and minds around, and it also lends itself well to things like being gifted by a friend or family member.

Still, the matter of .Mac's number 2 retail sales spot is pretty significant, and might lead to more support and feature updates. As a happy .Mac member through thick and thin for the past four years, I would certainly like to see Apple do more with the service, now that its benefits finally seem to be taking off with the general customer.